System Restore gone wrong



#1 Nettie724


Posted 18 July 2014 - 02:39 PM

I let my neighbor borrow my laptop. Upon visiting her, I found my laptop irritatingly slow, the system freezes, & can't get any updates. I can't do a system restore, the laptop won't stay powered on unless I have the adaptor (power) cord attached to it. When I try to do a system restore, it goes back to May 25, 2014. I chose that date even though I know the system has been acting up a couple of months before that. Any help at this point will be greatly appreciated. I am going to start a new post in the Windows section for the System Restore fix as I see this same topic in the Windows section of this site. I hope that is ok.

 

This is the message I received on my last attempt to do a System Restore. 

"System Restore did not complete successfully. Your computer's system files and settings were not changed. 

Details: The System Restore is still in progress or did not complete.

You might want to try System Restore again or choose a different restore point."

 

I have Windows Vista Home Premium

Dell Inspiron 1525 

Intel Core 2 Duo CPU w/ 3 GB Memory.




#2 Ztruker


Posted 18 July 2014 - 03:33 PM

You need to make sure there is no malware before checking for other problems.

 

Go to the Spyware / Malware / Virus Removal forum, read the info there and follow the posted directions. Once you receive a clean bill of health, come back here if you have any additional questions or concerns or it turns out not to be a malware problem.

Please be patient as that is a very busy area. If you do not receive a response in 3 days, post a message here: What To Do If You Have No Response In 3 Days?

Do not reply to your post there as the malware folks look for posts with no replies first.
 


Rich
 

Die with memories, not dreams. – Unknown


#3 Nettie724


Posted 19 July 2014 - 06:49 PM

I hope this is what you wanted me to do from your instructions. I'm not sure if this means I have a clean bill of health or not.

 

Here are the posts you requested I run. 

 

OTL.txt report:

 

OTL logfile created on: 7/18/2014 7:45:57 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Scott\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19543)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
2.99 Gb Total Physical Memory | 1.54 Gb Available Physical Memory | 51.65% Memory free
6.18 Gb Paging File | 4.65 Gb Available in Paging File | 75.18% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 220.58 Gb Total Space | 128.12 Gb Free Space | 58.08% Space Free | Partition Type: NTFS
Drive D: | 9.77 Gb Total Space | 5.47 Gb Free Space | 56.00% Space Free | Partition Type: NTFS
 
Computer Name: SCOTT-PC | User Name: Scott | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Scott\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\AVG\AVG2014\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\Google\Update\1.3.24.15\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Program Files\AVG Secure Search\vprot.exe ()
PRC - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\ToolbarUpdater.exe (AVG Secure Search)
PRC - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\loggingserver.exe ()
PRC - c:\Program Files\AVG\AVG2014\avgrsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2014\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2014\avgnsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2014\avgemcx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2014\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Program Files\InboxAce_1g\bar\1.bin\1gbrmon.exe (VER_COMPANY_NAME)
PRC - C:\Program Files\InboxAce_1g\bar\1.bin\1gbarsvc.exe (COMPANYVERS_NAME)
PRC - C:\Program Files\AWS\WeatherBug\Weather.exe (AWS Convergence Technologies, Inc.)
PRC - C:\Program Files\CenturyLink\QuickCare\bin\tgsrvc.exe (SupportSoft, Inc.)
PRC - C:\Program Files\CenturyLink\QuickCare\bin\sprtsvc.exe (SupportSoft, Inc.)
PRC - C:\Program Files\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
PRC - C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe (IDT, Inc.)
PRC - C:\Windows\System32\stacsv.exe (IDT, Inc.)
PRC - C:\Windows\System32\AEstSrv.exe (Andrea Electronics Corporation)
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\log4cplusU.dll ()
MOD - C:\Program Files\AVG Secure Search\vprot.exe ()
MOD - C:\Program Files\Google\Chrome\Application\35.0.1916.153\ppgooglenaclpluginchrome.dll ()
MOD - C:\Program Files\Google\Chrome\Application\35.0.1916.153\pdf.dll ()
MOD - C:\Program Files\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll ()
MOD - C:\Program Files\AVG Secure Search\TBAPI.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\694a37a84dee2cd2609a1dfab27c0433\mscorlib.ni.dll ()
 
 
========== Services (SafeList) ==========
 
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (AVGIDSAgent) -- C:\Program Files\AVG\AVG2014\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
SRV - (vToolbarUpdater18.1.7) -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\ToolbarUpdater.exe (AVG Secure Search)
SRV - (avgwd) -- C:\Program Files\AVG\AVG2014\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (InboxAce_1gService) -- C:\Program Files\InboxAce_1g\bar\1.bin\1gbarsvc.exe (COMPANYVERS_NAME)
SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (SupportSoft RemoteAssist) -- C:\Program Files\Common Files\supportsoft\bin\ssrc.exe (SupportSoft, Inc.)
SRV - (tgsrvc_quickcare) -- C:\Program Files\CenturyLink\QuickCare\bin\tgsrvc.exe (SupportSoft, Inc.)
SRV - (sprtsvc_quickcare) -- C:\Program Files\CenturyLink\QuickCare\bin\sprtsvc.exe (SupportSoft, Inc.)
SRV - (BBSvc) -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
SRV - (SeaPort) -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
SRV - (YahooAUService) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
SRV - (GoToAssist) -- C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe (Citrix Online, a division of Citrix Systems, Inc.)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (STacSV) -- C:\Windows\System32\stacsv.exe (IDT, Inc.)
SRV - (AESTFilters) -- C:\Windows\System32\AEstSrv.exe (Andrea Electronics Corporation)
SRV - (IAANTMON) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (SymIMMP) -- system32\DRIVERS\SymIM.sys File not found
DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (BCM42RLY) -- system32\drivers\BCM42RLY.sys File not found
DRV - (avgtp) -- C:\Windows\System32\drivers\avgtpx86.sys (AVG Technologies)
DRV - (Avgldx86) -- C:\Windows\System32\drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgtdix) -- C:\Windows\System32\drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avglogx) -- C:\Windows\System32\drivers\avglogx.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSHX) -- C:\Windows\System32\drivers\avgidshx.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSDriver) -- C:\Windows\System32\drivers\avgidsdriverx.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgdiskx) -- C:\Windows\System32\drivers\avgdiskx.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgmfx86) -- C:\Windows\System32\drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgrkx86) -- C:\Windows\System32\drivers\avgrkx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSShim) -- C:\Windows\System32\drivers\avgidsshimx.sys (AVG Technologies CZ, s.r.o.)
DRV - (WDC_SAM) -- C:\Windows\System32\drivers\wdcsam.sys (Western Digital Technologies)
DRV - (ApfiltrService) -- C:\Windows\System32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV - (IntcHdmiAddService) -- C:\Windows\System32\drivers\IntcHdmi.sys (Intel® Corporation)
DRV - (OEM02Vfx) -- C:\Windows\System32\drivers\OEM02Vfx.sys (EyePower Games Pte. Ltd.)
DRV - (OEM02Dev) -- C:\Windows\System32\drivers\OEM02Dev.sys (Creative Technology Ltd.)
DRV - (e1express) -- C:\Windows\System32\drivers\e1e6032.sys (Intel Corporation)
DRV - (STHDA) -- C:\Windows\System32\drivers\stwrt.sys (IDT, Inc.)
DRV - (rismxdp) -- C:\Windows\System32\drivers\rixdptsk.sys (REDC)
DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC)
DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC)
DRV - (R300) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio.sys (Conexant Systems, Inc.)
DRV - (Afc) -- C:\Windows\System32\drivers\afc.sys (Arcsoft, Inc.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...ie7&rlz=1I7DKUS
IE - HKLM\..\SearchScopes\{8fe8d013-c3fd-4802-af48-79274e9f969e}: "URL" = http://search.tb.ask...r={searchTerms}
IE - HKLM\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://us.yhs.search...p={searchTerms}
IE - HKLM\..\SearchScopes\ComcastSearch: "URL" = http://search.comcas...cat=Web&con=ie7
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\..\URLSearchHook: {5fdb0cd8-5760-44d1-8d13-a78bf558c3c7} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKCU\..\SearchScopes\{8fe8d013-c3fd-4802-af48-79274e9f969e}: "URL" = http://search.tb.ask...r={searchTerms}
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={B0C99B09-3B95-4B25-9C5F-2316CA3BB3FD}&mid=dbcdbd7bf1730a95f8a27b9c8dfe6a84-2dc3384a3ee3d63b323b3db705c126c60234bd32&lang=en&ds=AVG&pr=fr&d=2011-10-12 22:40:30&v=17.2.0.38&pid=avg&sg=0&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://search.avg.co...e}&iy=&ychte=us
IE - HKCU\..\SearchScopes\ComcastSearch: "URL" = http://search.comcas...cat=Web&con=ie7
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = :0
 
 
========== FireFox ==========
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.7\\npsitesafety.dll File not found
FF - HKLM\Software\MozillaPlugins\@InboxAce_1g.com/Plugin: C:\Program Files\InboxAce_1g\bar\1.bin\NP1gStub.dll (Mindspark)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\FireFoxExt\17.2.0.38
 
[2010/04/26 19:42:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Scott\AppData\Roaming\Mozilla\Extensions
[2010/04/26 19:42:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Scott\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\35.0.1916.153\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\35.0.1916.153\pdf.dll
CHR - plugin: AVG Internet Security (Enabled) = C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1829_0\plugins/avgnpss.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Windows Live™ Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Google Voice Search Hotword (Beta) = C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5019_0\
CHR - Extension: AdBlock = C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.7.7_0\
CHR - Extension: Google Wallet = C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
 
O1 HOSTS File: ([2006/09/18 16:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll File not found
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No CLSID value found.
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Search Assistant BHO) - {9359da42-06fb-46f2-9e4a-05c05b98a5ef} - C:\Program Files\InboxAce_1g\bar\1.bin\1gSrcAs.dll (Mindspark)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\18.1.7.644\AVG Secure Search_toolbar.dll (AVG Secure Search)
O2 - BHO: (CenturyLink) - {A317CB83-299C-4FC8-9ED7-2D64117D98EE} - C:\Program Files\qwesttoolbar\qwesttoolbarDx.dll ()
O2 - BHO: (AcroIEToolbarHelper Class) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll File not found
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Toolbar BHO) - {d5a1d22b-9e17-454f-8ecd-83c578fb3983} - C:\Program Files\InboxAce_1g\bar\1.bin\1gbar.dll (Mindspark)
O2 - BHO: (ShopAtHomeIEHelper Class) - {E8DAAA30-6CAA-4b58-9603-8E54238219E2} - C:\Program Files\SelectRebates\Toolbar\ShopAtHomeToolbar.dll (ShopAtHome.com)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (InboxAce) - {3775afd7-5921-4571-968f-85a631203d1c} - C:\Program Files\InboxAce_1g\bar\1.bin\1gbar.dll (Mindspark)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\18.1.7.644\AVG Secure Search_toolbar.dll (AVG Secure Search)
O3 - HKLM\..\Toolbar: (ShopAtHome.com Toolbar) - {98279C38-DE4B-4bcf-93C9-8EC26069D6F4} - C:\Program Files\SelectRebates\Toolbar\ShopAtHomeToolbar.dll (ShopAtHome.com)
O3 - HKLM\..\Toolbar: (CenturyLink) - {A317CB83-299C-4FC8-9ED7-2D64117D98EE} - C:\Program Files\qwesttoolbar\qwesttoolbarDx.dll ()
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (InboxAce) - {3775AFD7-5921-4571-968F-85A631203D1C} - C:\Program Files\InboxAce_1g\bar\1.bin\1gbar.dll (Mindspark)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (ShopAtHome.com Toolbar) - {98279C38-DE4B-4BCF-93C9-8EC26069D6F4} - C:\Program Files\SelectRebates\Toolbar\ShopAtHomeToolbar.dll (ShopAtHome.com)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [hpqSRMon]  File not found
O4 - HKLM..\Run: [InboxAce EPM Support] C:\Program Files\InboxAce_1g\bar\1.bin\1gmedint.exe (Mindspark Interactive Network, Inc.)
O4 - HKLM..\Run: [InboxAce Home Page Guard 32 bit] "C:\PROGRA~1\INBOXA~2\bar\1.bin\AppIntegrator.exe" File not found
O4 - HKLM..\Run: [InboxAce Search Scope Monitor] C:\Program Files\InboxAce_1g\bar\1.bin\1gSrchMn.exe (Mindspark)
O4 - HKLM..\Run: [InboxAce_1g Browser Plugin Loader] C:\Program Files\InboxAce_1g\bar\1.bin\1gbrmon.exe (VER_COMPANY_NAME)
O4 - HKLM..\Run: [ROC_roc_dec12] C:\Program Files\AVG Secure Search\ROC_roc_dec12.exe ()
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()
O4 - HKCU..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe (AWS Convergence Technologies, Inc.)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.75.75 75.75.76.76
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8FE46B69-5EBE-4C97-8567-8C339A909E76}: DhcpNameServer = 75.75.75.75 75.75.76.76
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.7\ViProtocol.dll (AVG Secure Search)
O18 - Protocol\Filter\x-sdch {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll) - C:\Program Files\Citrix\GoToAssist\514\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\inspiron_NB_1280x864_03.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\inspiron_NB_1280x864_03.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{40e7b625-0979-11df-8ce8-00219bdf33cc}\Shell - "" = AutoRun
O33 - MountPoints2\{40e7b625-0979-11df-8ce8-00219bdf33cc}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O33 - MountPoints2\{78450202-0cfe-11e1-92ce-00219bdf33cc}\Shell - "" = AutoRun
O33 - MountPoints2\{78450202-0cfe-11e1-92ce-00219bdf33cc}\Shell\AutoRun\command - "" = G:\UEZLink.exe
O33 - MountPoints2\{b1c7986b-fba8-11e0-a9e9-00219bdf33cc}\Shell - "" = AutoRun
O33 - MountPoints2\{b1c7986b-fba8-11e0-a9e9-00219bdf33cc}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
O33 - MountPoints2\{f805ddd8-65b5-11df-a786-00219bdf33cc}\Shell - "" = AutoRun
O33 - MountPoints2\{f805ddd8-65b5-11df-a786-00219bdf33cc}\Shell\AutoRun\command - "" = "F:\WD SmartWare.exe" autoplay=true
O33 - MountPoints2\{f8eb5cb0-66e8-11df-88d1-00219bdf33cc}\Shell\AutoRun\command - "" = F:\setupSNK.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
Drivers32: msacm.l3acm - C:\Windows\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/07/16 20:35:18 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2014/07/09 13:29:26 | 000,506,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qedit.dll
[2014/07/09 13:29:24 | 002,051,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2014/07/09 13:28:48 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2014/07/09 13:28:46 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2014/07/09 13:28:45 | 000,630,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2014/07/09 13:28:45 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2014/07/09 13:28:45 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2014/07/09 13:28:44 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2014/07/09 13:28:44 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2014/07/09 13:28:44 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2014/07/09 13:28:44 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2014/07/09 13:28:44 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2014/07/09 13:28:44 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2014/07/09 13:28:44 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2014/07/09 13:28:44 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2014/07/09 13:28:44 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2014/07/09 13:28:43 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2014/07/09 13:28:43 | 000,174,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2014/07/09 13:28:43 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2014/07/09 13:28:43 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\corpol.dll
[2014/07/09 13:28:43 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2014/07/01 11:10:23 | 000,000,000 | ---D | C] -- C:\Users\Scott\Documents\Ann's & Ehsan's Wedding
[91 C:\Users\Scott\Documents\*.tmp files -> C:\Users\Scott\Documents\*.tmp -> ]
[1 C:\Users\Scott\AppData\Local\*.tmp files -> C:\Users\Scott\AppData\Local\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014/07/18 19:45:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/07/18 19:12:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/07/18 18:59:45 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2014/07/18 18:59:45 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2014/07/18 15:06:25 | 000,645,894 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014/07/18 15:06:24 | 000,120,994 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014/07/18 15:01:37 | 000,000,374 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.ics
[2014/07/18 14:59:51 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/07/18 14:59:44 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/07/16 20:35:19 | 000,000,806 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014/07/11 08:22:32 | 000,380,904 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2014/07/09 13:45:26 | 000,699,056 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2014/07/09 13:45:26 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2014/07/03 11:13:14 | 000,000,800 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2014.lnk
[2014/06/28 00:06:27 | 000,000,940 | ---- | M] () -- C:\Users\Scott\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Microsoft Office Outlook.lnk
[2014/06/23 08:22:31 | 000,042,784 | ---- | M] (AVG Technologies) -- C:\Windows\System32\drivers\avgtpx86.sys
[91 C:\Users\Scott\Documents\*.tmp files -> C:\Users\Scott\Documents\*.tmp -> ]
[1 C:\Users\Scott\AppData\Local\*.tmp files -> C:\Users\Scott\AppData\Local\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014/07/16 20:35:19 | 000,000,806 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014/06/11 17:31:53 | 000,000,000 | ---- | C] () -- C:\Users\Scott\AppData\Local\{EA8F7E9C-935E-4551-976C-2CF79EA2A98C}
[2013/12/15 18:33:36 | 000,000,000 | ---- | C] () -- C:\Users\Scott\AppData\Roaming\wklnhst.dat
[2012/06/05 21:25:15 | 000,004,096 | -H-- | C] () -- C:\Users\Scott\AppData\Local\keyfile3.drm
[2010/09/25 09:02:42 | 000,029,960 | ---- | C] () -- C:\Users\Scott\spray_foam_insulation.pdf
[2010/03/03 22:14:20 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/02/08 19:50:16 | 000,006,648 | ---- | C] () -- C:\Users\Scott\AppData\Local\d3d9caps.dat
[2008/12/29 18:45:57 | 000,008,248 | ---- | C] () -- C:\Users\Scott\AppData\Local\en.ini
[2008/11/19 16:58:14 | 000,089,088 | ---- | C] () -- C:\Users\Scott\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/11/09 13:31:43 | 000,000,552 | ---- | C] () -- C:\Users\Scott\AppData\Local\d3d8caps.dat
 
========== ZeroAccess Check ==========
 
[2006/11/02 07:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/25 08:26:04 | 011,587,584 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 01:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 01:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2014/05/20 00:34:36 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\AVG2014
[2010/03/31 00:12:40 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\EPSON
[2010/12/13 20:35:02 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\Image Zone Express
[2010/10/30 12:41:35 | 000,000,000 | -H-D | M] -- C:\Users\Scott\AppData\Roaming\InstallJammer Registry
[2010/03/28 18:23:35 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\Leadertech
[2011/11/03 22:03:34 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\OpswatLogs
[2014/07/16 22:06:03 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\PCHC
[2010/12/09 21:40:02 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\Printer Info Cache
[2011/12/08 23:07:00 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\QuickScan
[2014/07/16 22:06:03 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\Riverpoint Writer
[2011/07/18 11:01:29 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\Sammsoft
[2013/12/15 18:33:36 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\Template
[2014/05/20 00:32:41 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\TuneUp Software
[2014/07/16 22:06:03 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\W Photo Studio Viewer
[2010/05/21 17:36:33 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\Walgreens
[2012/07/06 15:31:33 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\WeatherBug
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %USERPROFILE%\..|smtmp;true;true;true /FP >
 
< %temp%\smtmp\*.* /s > >
 
< MD5 for: EXPLORER.EXE  >
[2008/10/29 01:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008/10/29 01:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008/10/29 22:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008/10/27 21:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008/01/20 21:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
 
< MD5 for: EXPLORER.EXE.2112.DMP  >
[2014/05/24 14:43:20 | 002,620,964 | ---- | M] () MD5=19AED50239EE32DA38BBC05C685CCDAB -- C:\Users\Scott\AppData\Local\CrashDumps\explorer.exe.2112.dmp
 
< MD5 for: EXPLORER.EXE.MUI  >
[2006/11/02 07:41:18 | 000,036,864 | ---- | M] (Microsoft Corporation) MD5=192DD053B43250E264383CDC3D564A18 -- C:\Windows\en-US\explorer.exe.mui
[2006/11/02 07:41:18 | 000,036,864 | ---- | M] (Microsoft Corporation) MD5=192DD053B43250E264383CDC3D564A18 -- C:\Windows\winsxs\x86_microsoft-windows-explorer.resources_31bf3856ad364e35_6.0.6000.16386_en-us_03bbc52176b6ba20\explorer.exe.mui
 
< MD5 for: EXPLORER.EXE-D5E97654.PF  >
[2014/07/11 08:25:00 | 000,164,760 | ---- | M] () MD5=A3385388CFC724993BC1DECEEBF6E4BA -- C:\Windows\Prefetch\EXPLORER.EXE-D5E97654.pf
 
< MD5 for: IEXPLORE.EXE  >
 
< MD5 for: IEXPLORE.EXE.1072.DMP  >
[2014/02/09 11:44:31 | 006,630,537 | ---- | M] () MD5=A749836CE9C0F205A0106DD42A24A905 -- C:\Users\Scott\AppData\Local\CrashDumps\iexplore.exe.1072.dmp
 
< MD5 for: IEXPLORE.EXE.5380.DMP  >
[2014/01/29 03:14:04 | 006,820,822 | ---- | M] () MD5=3E4BEDD2FBF0B6BBB493800E3EF16D2C -- C:\Users\Scott\AppData\Local\CrashDumps\iexplore.exe.5380.dmp
 
< MD5 for: IEXPLORE.EXE.5992.DMP  >
[2014/02/01 09:56:27 | 006,657,824 | ---- | M] () MD5=43111182AE8D2D6A5FFF7653DD7BA925 -- C:\Users\Scott\AppData\Local\CrashDumps\iexplore.exe.5992.dmp
 
< MD5 for: IEXPLORE.EXE.6704.DMP  >
[2014/01/29 03:31:33 | 006,947,132 | ---- | M] () MD5=EC52359B6F96B33A992D627F7E1AF798 -- C:\Users\Scott\AppData\Local\CrashDumps\iexplore.exe.6704.dmp
 
< MD5 for: IEXPLORE.EXE.6792.DMP  >
[2014/01/29 02:26:20 | 006,734,322 | ---- | M] () MD5=71CF92BC87C8449D9F2F4EA46812544B -- C:\Users\Scott\AppData\Local\CrashDumps\iexplore.exe.6792.dmp
 
< MD5 for: IEXPLORE.EXE.6804.DMP  >
[2014/06/16 08:02:59 | 003,505,525 | ---- | M] () MD5=265B7F955C8678C7354BED4EA03EE64F -- C:\Users\Scott\AppData\Local\CrashDumps\iexplore.exe.6804.dmp
 
< MD5 for: IEXPLORE.EXE.7036.DMP  >
[2014/01/29 01:19:18 | 007,596,736 | ---- | M] () MD5=044390D94E8125D0DFB1AC8299E30070 -- C:\Users\Scott\AppData\Local\CrashDumps\iexplore.exe.7036.dmp
 
< MD5 for: IEXPLORE.EXE.712.DMP  >
[2014/02/09 11:38:33 | 006,852,689 | ---- | M] () MD5=D4C94B5C5776B90FE68860BD4094934C -- C:\Users\Scott\AppData\Local\CrashDumps\iexplore.exe.712.dmp
 
< MD5 for: IEXPLORE.EXE.8144.DMP  >
[2014/01/29 01:55:39 | 006,701,934 | ---- | M] () MD5=0CE611EAA2F095CE1D0F9F34EC34D86D -- C:\Users\Scott\AppData\Local\CrashDumps\iexplore.exe.8144.dmp
 
< MD5 for: IEXPLORE.EXE.MUI  >
[2006/11/02 07:41:15 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=3CCDDDBC49DEACA370F39A9F0E146A1B -- C:\Windows\winsxs\x86_microsoft-windows-i..texplorer.resources_31bf3856ad364e35_6.0.6000.16386_en-us_3b55b11a57da5590\iexplore.exe.mui
[2009/03/08 16:27:11 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=943030B55FDB56FB8B8FCC086071E119 -- C:\Program Files\Internet Explorer\en-US\iexplore.exe.mui
[2009/03/08 16:27:11 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=943030B55FDB56FB8B8FCC086071E119 -- C:\Windows\winsxs\x86_microsoft-windows-i..texplorer.resources_31bf3856ad364e35_8.0.6001.18702_en-us_207795706a90d6c1\iexplore.exe.mui
 
< MD5 for: IEXPLORE.EXE-058FE8F5.PF  >
[2014/07/17 04:56:27 | 000,200,064 | ---- | M] () MD5=9E07E715B7C9CC803413BFBCD3DD3C47 -- C:\Windows\Prefetch\IEXPLORE.EXE-058FE8F5.pf
 
< MD5 for: SERVICES  >
[2006/09/18 16:41:30 | 000,017,244 | ---- | M] () MD5=9F534244B7F8F55D5C0BB498D8D481E7 -- C:\Windows\System32\drivers\etc\services
[2006/09/18 16:41:30 | 000,017,244 | ---- | M] () MD5=9F534244B7F8F55D5C0BB498D8D481E7 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.0.6000.16386_none_024e4071fa6fea95\services
 
< %SYSTEMDRIVE%\*.* >
[2006/09/18 16:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2009/04/11 01:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr
[2006/09/18 16:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys
[2008/08/06 13:09:21 | 000,003,522 | RH-- | M] () -- C:\dell.sdr
[2010/05/11 01:57:23 | 000,000,109 | ---- | M] () -- C:\mbam-error.txt
[2010/10/25 08:27:24 | 000,000,882 | ---- | M] () -- C:\net_save.dna
[2008/08/06 10:33:01 | 000,026,927 | ---- | M] () -- C:\newfile.enc
[2008/08/06 10:33:01 | 000,026,927 | ---- | M] () -- C:\newkey
[2014/07/18 14:59:35 | 3524,587,520 | -HS- | M] () -- C:\pagefile.sys
 
< %systemroot%\Fonts\*.com >
[2006/11/02 07:37:12 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2006/11/02 07:37:12 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2006/11/02 07:37:12 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2009/10/10 11:48:35 | 000,037,665 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont
 
< %systemroot%\Fonts\*.dll >
 
< %systemroot%\Fonts\*.ini >
[2006/09/18 16:37:34 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini
 
< %systemroot%\Fonts\*.ini2 >
 
< %systemroot%\Fonts\*.exe >
 
< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2007/10/20 19:21:50 | 000,278,016 | ---- | M] (Hewlett-Packard Corporation) -- C:\Windows\system32\spool\prtprocs\w32x86\hpzpp5mu.dll
[2008/01/20 21:23:14 | 000,089,600 | ---- | M] (Hewlett-Packard Corporation) -- C:\Windows\system32\spool\prtprocs\w32x86\HPZPPLHN.DLL
[2006/11/02 07:35:48 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\spool\prtprocs\w32x86\jnwppr.dll
[2007/04/09 13:23:54 | 000,028,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\spool\prtprocs\w32x86\mdippr.dll
 
< %systemroot%\REPAIR\*.bak1 >
 
< %systemroot%\REPAIR\*.ini >
 
< %systemroot%\system32\*.jpg >
 
< %systemroot%\*.jpg >
 
< %systemroot%\*.png >
 
< %systemroot%\*.scr >
[2011/05/13 15:42:24 | 000,302,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR
 
< %systemroot%\*._sy >
 
< %APPDATA%\Adobe\Update\*.* >
 
< %ALLUSERSPROFILE%\Favorites\*.* >
 
< %APPDATA%\Microsoft\*.* >
 
< %PROGRAMFILES%\*.* >
[2008/01/20 21:43:21 | 000,000,174 | -HS- | M] () -- C:\Program Files\desktop.ini
 
< %APPDATA%\Update\*.* >
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\System32\config\*.sav >
[2008/01/20 22:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008/01/20 22:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008/01/20 22:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006/11/02 05:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006/11/02 05:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
 
< %PROGRAMFILES%\bak. /s >
 
< %systemroot%\system32\bak. /s >
 
< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
 
< %systemroot%\system32\config\systemprofile\*.dat /x >
 
< %systemroot%\*.config >
 
< %systemroot%\system32\*.db >
 
< %PROGRAMFILES%\Internet Explorer\*.dat >
 
< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2011/07/10 08:41:29 | 000,000,286 | -HS- | M] () -- C:\Users\Scott\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini
 
< %USERPROFILE%\Desktop\*.exe >
 
< %PROGRAMFILES%\Common Files\*.* >
 
< %systemroot%\*.src >
 
< %systemroot%\install\*.* >
 
< %systemroot%\system32\DLL\*.* >
 
< %systemroot%\system32\HelpFiles\*.* >
 
< %systemroot%\system32\rundll\*.* >
 
< %systemroot%\winn32\*.* >
 
< %systemroot%\Java\*.* >
 
< %systemroot%\system32\test\*.* >
 
< %systemroot%\system32\Rundll32\*.* >
 
< %systemroot%\AppPatch\Custom\*.* >
 
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
 
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2014-07-11 13:15:04
 
< End of report >

Edited by Nettie724, 19 July 2014 - 06:59 PM.


#4 Nettie724

Posted 19 July 2014 - 06:57 PM

Here is the second report:

Extras.Txt:

OTL Extras logfile created on: 7/18/2014 7:45:57 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Scott\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19543)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
2.99 Gb Total Physical Memory | 1.54 Gb Available Physical Memory | 51.65% Memory free
6.18 Gb Paging File | 4.65 Gb Available in Paging File | 75.18% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 220.58 Gb Total Space | 128.12 Gb Free Space | 58.08% Space Free | Partition Type: NTFS
Drive D: | 9.77 Gb Total Space | 5.47 Gb Free Space | 56.00% Space Free | Partition Type: NTFS
 
Computer Name: SCOTT-PC | User Name: Scott | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
"{FB03A01C-0691-4D7B-8291-A0A5B31534CC}" = dir=in | app=c:\program files\windows live\mesh\moe.exe | 
"{FBE0F7B0-6B00-4229-9600-5A056DFEA0C3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{FF54912B-C725-45DC-B857-3C017C8BDE94}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0134A1A1-C283-4A47-91A1-92F19F960372}" = Adobe Creative Suite 2
"{0411A7A4-23D4-47ad-B109-3CBE7E8093F1}" = HP Deskjet Printer Driver Software. 8.0.B
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0CDD5599-836A-4650-8BE7-F33D8D915A0D}" = dj6980
"{0CE5F45E-F6CC-4638-B0DD-BB7F6EF56713}" = HP Deskjet D1500 Printer Driver Software 10.0 Rel .3
"{0F7C2E47-089E-4d23-B9F7-39BE00100776}" = Toolbox
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{17504ED4-DB08-40A8-81C2-27D8C01581DA}" = Windows Live Remote Service Resources
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18669FF9-C8FE-407a-9F70-E674896B1DB4}" = GPBaseService
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1C278B97-9D25-48B0-9A4E-F4F2BB992043}" = EPSON Perfection V200 Photo Scanner Driver Update
"{1D5E29AD-39A9-4D0A-A8B6-46A6FCD8C995}" = Live! Cam Avatar v1.0
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F2DF2C6-08F7-40BD-8E85-D16CB436E7F0}" = Free NaturalReader
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{297DCADA-86A1-4A42-8A13-66B7D7A09FD2}" = WeatherBug
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}" = EPSON Scan Assistant
"{305468A6-DE2D-43ba-A168-2F45A97A89DA}" = DJ_SF_03_D1500_Software_Min
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java™ 6 Update 5
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34BFB099-07B2-4E95-A673-7362D60866A2}" = PSSWCORE
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{36FDBE6E-6684-462b-AE98-9A39A1B200CC}" = HPProductAssistant
"{3822F6D9-F309-41f4-BB98-DA061F0BA8B3}" = SF_CDB_Software
"{38436888-9EAA-4cec-A56F-65B73D9D423C}" = D1500
"{3D10E608-A4A3-40AD-B91C-6D963BBD91D5}" = LP6980_Help
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{464B3406-A4D0-4914-910F-7CA4380DCC13}" = Windows Live Remote Client Resources
"{48F22622-1CC2-4A83-9C1E-644DD96F832D}" = EPSON Event Manager
"{4903D172-DCCB-392F-93A3-34CA9D47FE3D}" = Microsoft .NET Framework 4.5.1
"{4B6AD248-D3BF-426A-8D64-847288154F13}" = QuickSet
"{4E5386F5-C0F6-4532-A54A-374865AEAB71}" = Cisco PEAP Module
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.11
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{5109C064-813E-4e87-B0DE-C8AF7B5BC02B}" = SmartWebPrintingOC
"{52A69E11-7CEB-4a7d-9607-68BA4F39A89B}" = DeviceDiscovery
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5ACE69F0-A3E8-44eb-88C1-0A841E700180}" = TrayApp
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{5ECB3A3C-980B-4D12-9724-25DCB07A1F47}" = iTunes
"{5EF2B896-B1C1-46E8-83AD-4F940B7A5982}" = MathGV 4
"{612F4E20-3661-4D44-AD79-823F1B613FB3}" = HP Update
"{61EDBE71-5D3E-4AB7-AD95-E53FEAF68C17}" = Bing Rewards Client Installer
"{62230596-37E5-4618-A329-0D21F529A86F}" = Browser Address Error Redirector
"{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator
"{67EDD823-135A-4D59-87BD-950616D6E857}" = EPSON Copy Utility 3
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{687FEF8A-8597-40b4-832C-297EA3F35817}" = BufferChm
"{6B7B6D4D-8F9B-4CB3-8CA4-BCA9CC4C1A22}" = EDocs
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{759142E8-25B0-42AE-B408-4215065D3F4B}" = Windows Live Family Safety
"{76F9CF97-FC4B-4E20-B363-D127C888448F}" = Cisco LEAP Module
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77F8A71E-3515-4832-B8B2-2F1EDBD2E0F1}" = Bing Bar
"{786C5747-1033-0000-B58E-000000000001}" = Adobe Stock Photos 1.0
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{82C113AD-486F-4bd5-A2EA-2383AF57D084}" = D1500_Help
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89CEAE14-DD0F-448E-9554-15781EC9DB24}" = Product Documentation Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A253629-0511-4854-8B4E-46E57E66005C}" = Bonjour
"{8A85DEAD-7C1F-4368-881C-72AC74CB2E91}" = UnloadSupport
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{91110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-007A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{97BBECCF-B1FD-4010-8D4B-EFC9E3CCEECF}" = Driver Whiz
"{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables
"{9B1FD9CE-0776-4f0b-A6F5-C6AB7B650CDF}" = Destinations
"{9BDEF074-020E-458D-ADC5-8FF68E0C9B56}" = OutlookAddinSetup
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}" = MediaDirect
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DE1BE03-AFE2-4CDB-BFEB-D06D736CD01A}" = Apple Mobile Device Support
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{A0B9F8DF-C949-45ed-9808-7DC5C0C19C81}" = Status
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A5AB9D5E-52E2-440e-A3ED-9512E253C81A}" = SolutionCenter
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-1033-0000-7760-000000000002}" = Adobe Acrobat 7.0 Professional
"{AC76BA86-7AD7-1033-7B44-A95000000001}" = Adobe Reader 9.5.1
"{AF36CE1D-FD2C-4BA0-93FA-1196785DD610}" = Adobe Flash Player 10 Plugin
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B1421599-A42D-47ef-B512-B9B0317BD599}" = DJ_SF_03_D1500_Software
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars
"{B74D4E10-6884-0000-0000-000000000103}" = Adobe Bridge 1.0
"{B78FB576-8BB4-4799-B612-A02B74BA0DF0}" = AVG 2014
"{B8DBED1E-8BC3-4d08-B94A-F9D7D88E9BBF}" = HPSSupply
"{B97FD5DD-1226-49AD-AE6C-BF9DE1468F05}" = CenturyLink Personal Digital Vault™
"{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}" = HP Photosmart Essential 2.5
"{BCF16F16-AC0E-4ABE-A9EF-412CF484BA51}" = Windows Live Family Safety
"{BF53252E-4AB2-4C7F-A0FD-6100755745E3}" = Cisco EAP-FAST Module
"{C0E5147E-C9F3-4360-9ED0-2E875F11766C}" = Respondus LockDown Browser
"{C25D2594-3136-4B33-9D32-8F0F5E81F349}" = MGTEK dopisp
"{C330C4F4-FD7C-4821-A210-F8058E1FB81C}" = AVG 2014
"{C49DAA9C-5BA8-459A-8244-E57B69DF0F04}" = Suite Specific
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C716522C-3731-4667-8579-40B098294500}" = Toolbox
"{C96FF998-45BD-411E-9253-B7F2660FE280}" = CenturyLink Installer
"{CCB9B81A-167F-4832-B305-D2A0430840B3}" = WebReg
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D03E7B00-CA85-4684-9321-1888873C34BD}" = ArcSoft PhotoImpression 6
"{D2E0F0CC-6BE0-490b-B08B-9267083E34C9}" = MarketResearch
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D7769185-9A7C-48D4-8874-5388743A1DE2}" = Music, Photos & Videos Launcher
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0
"{EB21A812-671B-4D08-B974-2A347F0D8F70}" = HP Photosmart Essential
"{EDABA4A8-8B7E-488A-A85C-17406C1C62CA}" = LP6980Trb
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{F63A3748-B93D-4360-9AD4-B064481A5C7B}" = Modem Diagnostic Tool
"{F789C27E-B3EF-4730-9EB5-928B4D8A17C1}" = SF_CDB_ProductContext
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"Adobe Flash Player ActiveX" = Adobe Flash Player 14 ActiveX
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"Advanced Video FX Engine" = Advanced Video FX Engine
"Aleks 3.8" = Aleks 3.8
"AVG" = AVG 2014
"AVG Secure Search" = AVG Security Toolbar
"Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card
"CCleaner" = CCleaner
"CenturyLinkQuickCare_is1" = CenturyLink QuickCare 2.7
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2C06&SUBSYS_14F1000F" = Conexant HDA D330 MDC V.92 Modem
"Creative OEM002" = Laptop Integrated Webcam Driver (1.04.01.1011)  
"Dell Webcam Center" = Dell Webcam Center
"Dell Webcam Manager" = Dell Webcam Manager
"EPSON Scanner" = EPSON Scan
"Google Chrome" = Google Chrome
"GoToAssist" = GoToAssist 8.0.0.514
"HP Imaging Device Functions" = HP Imaging Device Functions 10.0
"HP Photosmart Essential" = HP Photosmart Essential 2.5
"HP Smart Web Printing" = HP Smart Web Printing
"HP Solution Center & Imaging Support Tools" = HP Solution Center 10.0
"HPExtendedCapabilities" = HP Customer Participation Program 10.0
"InboxAce_1gbar Uninstall Internet Explorer" = InboxAce Internet Explorer Toolbar
"InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.61.0.1400
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Office Depot PC Support Agent" = Office Depot PC Support Agent
"qwesttoolbar" = MyCenturyLink Toolbar
"SelectRebatesUninstall" = ShopAtHome.com Toolbar
"Shop for HP Supplies" = Shop for HP Supplies
"WinLiveSuite" = Windows Live Essentials
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"FF389026-F961-42C5-BACD-B4A3AA73E0F3" = Riverpoint Writer
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 7/16/2014 8:38:32 PM | Computer Name = Scott-PC | Source = Application Error | ID = 1000
Description = Faulting application bcmwltry.exe, version 4.170.25.12, time stamp
 0x46f3437a, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception
 code 0xc0000005, fault offset 0x04829362,  process id 0x784, application start time
 0x01cfa15727b29514.
 
Error - 7/16/2014 10:16:34 PM | Computer Name = Scott-PC | Source = System Restore | ID = 8199
Description = 
 
Error - 7/16/2014 10:38:07 PM | Computer Name = Scott-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 7/16/2014 10:40:53 PM | Computer Name = Scott-PC | Source = System Restore | ID = 8203
Description = 
 
Error - 7/16/2014 11:09:58 PM | Computer Name = Scott-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 7/16/2014 11:12:44 PM | Computer Name = Scott-PC | Source = System Restore | ID = 8209
Description = 
 
Error - 7/17/2014 12:24:45 AM | Computer Name = Scott-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 7/18/2014 3:31:05 PM | Computer Name = Scott-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 7/18/2014 4:00:54 PM | Computer Name = Scott-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 7/18/2014 4:03:53 PM | Computer Name = Scott-PC | Source = System Restore | ID = 8203
Description = 
 
[ Broadcom Wireless LAN Events ]
Error - 12/13/2013 11:00:30 PM | Computer Name = Scott-PC | Source = WLAN-Tray | ID = 0
Description = 21:00:30, Fri, Dec 13, 13 Error - Unable to gain access to user store
 
 
Error - 3/25/2014 8:08:59 PM | Computer Name = Scott-PC | Source = WLAN-Tray | ID = 0
Description = 19:08:58, Tue, Mar 25, 14 Error - Unable to gain access to user store
 
 
Error - 5/3/2014 2:35:40 PM | Computer Name = Scott-PC | Source = WLAN-Tray | ID = 0
Description = 13:35:40, Sat, May 03, 14 Error - Unable to gain access to user store
 
 
[ Media Center Events ]
Error - 11/2/2008 12:09:20 PM | Computer Name = Scott-PC | Source = MCUpdate | ID = 0
Description = Failed to wait on MCUpdate mutex with exception: 'The wait completed
 due to an abandoned mutex.'.
 
Error - 10/7/2009 6:56:12 PM | Computer Name = Scott-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
 
Error - 4/2/2010 12:32:18 PM | Computer Name = Scott-PC | Source = MCUpdate | ID = 0
Description = Failed to wait on MCUpdate mutex with exception: 'The wait completed
 due to an abandoned mutex.'.
 
Error - 4/8/2010 11:38:00 PM | Computer Name = Scott-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
 
Error - 2/1/2011 3:26:35 PM | Computer Name = Scott-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
 
Error - 12/11/2011 8:07:59 PM | Computer Name = Scott-PC | Source = Mcx2Dvcs | ID = 401
Description = 
 
Error - 12/11/2011 8:08:31 PM | Computer Name = Scott-PC | Source = Mcx2Dvcs | ID = 401
Description = 
 
Error - 1/5/2012 12:44:15 PM | Computer Name = Scott-PC | Source = MCUpdate | ID = 0
Description = Failed to wait on MCUpdate mutex with exception: 'The wait completed
 due to an abandoned mutex.'.
 
[ System Events ]
Error - 7/18/2014 3:33:08 PM | Computer Name = Scott-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 7/18/2014 3:33:09 PM | Computer Name = Scott-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 7/18/2014 3:33:09 PM | Computer Name = Scott-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 7/18/2014 4:00:54 PM | Computer Name = Scott-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 7/18/2014 4:01:35 PM | Computer Name = Scott-PC | Source = Service Control Manager | ID = 7022
Description = 
 
Error - 7/18/2014 4:01:35 PM | Computer Name = Scott-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 7/18/2014 4:01:36 PM | Computer Name = Scott-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 7/18/2014 4:01:37 PM | Computer Name = Scott-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 7/18/2014 4:01:38 PM | Computer Name = Scott-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 7/18/2014 4:01:38 PM | Computer Name = Scott-PC | Source = Service Control Manager | ID = 7000
Description = 
 
 
< End of report >

Edited by Nettie724, 19 July 2014 - 06:58 PM.


#5 Ztruker

Ztruker

    WTT Technical Elder

  • Tech Team
  • 8,292 posts
  • Interests:Helping people fix MS Windows related computer problems of all kinds.

    Waking each morning to see the green side of the Earth!

Posted 19 July 2014 - 07:10 PM

You posted this in the wrong forum. It should have been posted in the Spyware / Malware / Virus Removal forum.

 

I'll see about getting your last two posts moved there.


Rich
 

Die with memories, not dreams. – Unknown


#6 Nettie724


Posted 19 July 2014 - 07:46 PM

Oh sorry! and thanks



#7 Ztruker


Posted 20 July 2014 - 11:40 AM

Please start a new topic in the Spyware / Malware / Virus Removal forum. Looks like there is no way to move your posts until a thread already exists there. You can then copy and paste the info from the two posts you made here or just post here that the new thread has been created and I can move them.

 

Once that's done they will work with you on any malware they find. Come back here if you have any additional questions or concerns or it turns out not to be a malware problem.


Edited by Ztruker, 20 July 2014 - 11:41 AM.

Rich
 

Die with memories, not dreams. – Unknown
